I have read the online articles about verifying timestamps (in particular the ones for PDF) and I understand about verifying the certificates used in the timestamp response using the TElCientTSPInfo class.

However, I can't locate any information regarding verifying the actual timestamp itself - in particular I would like to confirm that the MessageImprint authenticated attibute is correct. Is there a method for obtaining the required digest so it can be compared with that from the timestamp?

All the necessary validity checks of the timestamp value are performed internally by TElCustomTSPClient descendants inside their Timestamp() methods. I.e., you just have to check the return value of this method to ensure that the timestamp is correct. If one (or some) of timestamp parameters are invalid, TSP error (e.g., SB_TSP_ERROR_WRONG_IMPRINT) is returned.

Innokentiy Ivanov wrote:
All the necessary validity checks of the timestamp value are performed internally by TElCustomTSPClient descendants inside their Timestamp() methods.

Sorry, but I don't think you understood my original post. I need to verify the timestamp of an existing signature. As far as I can tell this method is only called when actually performing the timestamp request to the server. I need to check if the timestamp of a signature is valid, similar to checking the validity of a signature with the Validate() method

Quote

Eugene Mayevski wrote:
Well, the certificates used to sign the timestamp must be validated by the application.

Yes, I can validate the certificates OK using the articles in the knowledgebase, but the timestamp itself must first be validated rather than just relying on the validity of the certificates.

We use cookies to help provide you with the best possible online experience. By using this site, you agree that we may store and access cookies on your device. You can find out more about and set your own preferences here.